Hi, after tls_init() and OPENSSL_init_ssl() errno is always set to EINVAL. This is caused by a routine that tries to prefetch all error strings up to 127 from strerror(3). But, strerror(3) sets EINVAL for unknown values of error.
Thus, I would suggest to set this constant to ELAST. So, we will avoid useless unknown error strings and a non-zero errno after tls_init(). I guess this is not serious enough for the current release. But, we might fix this after unlocking of the tree? ok? bye, Jan Index: lib/libcrypto//err/err.c =================================================================== RCS file: /cvs/src/lib/libcrypto/err/err.c,v retrieving revision 1.50 diff -u -p -r1.50 err.c --- lib/libcrypto//err/err.c 26 Dec 2022 07:18:52 -0000 1.50 +++ lib/libcrypto//err/err.c 24 Mar 2023 20:07:18 -0000 @@ -560,7 +560,7 @@ int_err_get_next_lib(void) #ifndef OPENSSL_NO_ERR -#define NUM_SYS_STR_REASONS 127 +#define NUM_SYS_STR_REASONS ELAST #define LEN_SYS_STR_REASON 32 static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];